12895: Rekeying and Renewing Your Expired Digital Certificates in RACF Hands-on Lab Intro
|
|
- Andrea Mills
- 5 years ago
- Views:
Transcription
1 12895: Rekeying and Renewing Your Expired Digital Certificates in RACF Hands-on Lab Intro Gwen Dente, IBM Advanced Technical Skills Tuesday, February 5, 2013: 09:30 AM - 10:30 AM, HIL, Union Square 23-24, Fourth Floor Session Number In this 1 st Document: Read Descriptions of 2 required Scenarios (pp. 9-12). Find your team s IPv4 interfaces and addresses (pp ). In the 2 nd Document: Lab starts on page 15 1
2 Abstract You finally succeeded in establishing a secure environment for FTP on z/os using security certificates and keyrings. But you forgot one thing: certificates and keys can expire and no longer be usable. In this lab you will learn how to manage your keys and certificates in order to avoid downtime incurred due to expired certificates. PREREQUISITE: This lab is self-driven and assumes that the attendee already understands x.509 certificate processing and Public Key Infrastructure. The knowledge can be gained by lectures or through previous experience. 2
3 Student MVSn Tests with MVS1; 2 Student TCP/IP Stacks (TCPIPT,TCPIPG) MVS1 MVSn = Student MVS Systems (MVS2-MVS7) z/vm HOST MACHINE LEGEND: n represents MVS suffix (1-7) Example: MVSn = MVS1-7 Example: 8n = MVS1 TCPIP1 TCPIPT TCPIPG MVS2 TCPIP1 TCPIPT TCPIPG MVS3 TCPIP1 TCPIPT TCPIPG MVS4 TCPIP1 TCPIPT TCPIPG MVS5 TCPIP1 TCPIPT TCPIPG MVS6 TCPIP1 TCPIPT TCPIPG MVS7 TCPIP1 TCPIPT TCPIPG 1 telnet n on TCPIP1 2 Analyze and test TCPIPT or TCPIPG LEGEND: 8n = to access TCPIP1 9n = to access TCPIPT 10n = to access TCPIPG 1. Telnet into Maintenance Stack (TCPIP1) at the MVSn Guest Machine. A. Initialize and Test your TCPIPT or TCPIPG stack with the instructor profile. B. Edit TCP/IP configurations for Test Stack (TCPIPT or TCPIPG) with ISPF editor under TSO 2. Initialize and Test your TCPIPT or TCPIPG with your new profile. 3. You will test your connections against the Instructor MVS: MVS1. 3
4 Scenarios for Testing between MVS1 & Student MVSn Instructor MVS1 Policy Agent (AT-TLS Policies) TCPIP IPv4 Network TN3270 Connection n Student MVS2 MVS7 TCPIP n Policy Agent (AT-TLS Policies) FTP Client on TCPIPT at OSA, VLINK1, VLINK2 (USERn01) Refresh & Test Expired Certificates FTPT Server on TCPIPT at OSA, VLINK1, VLINK2 Administrator: USERn1 FTP Client on TCPIPG at OSA, VLINK1, VLINK2 (USERn02) Refresh & Test Expired Certificates FTPG Server on TCPIPG at OSA, VLINK1, VLINK2 Administrator: USERn2 1. Test successful secured FTP client connection from MVS1 to your AT-TLS FTP Server at TCPIPT or TCPIPG stack in MVSn. Testing between Source and Destination OSA Port addresses. 2. Test same connection using expired FTP Server certificate on key ring associated with your FTP Server. 1. Refresh the expired Server certificate and re-test. Testing between Source and Destination VLINK1 addresses. 3. Test same connection again using expired CA and FTP Server certificates on key ring associated with your FTP Server. 1. Refresh both expired certificates and re-test the connection. Testing between Source and Destination VLINK2 addresses. 4
5 Assignment of Student IDs to TCPIPT or TCPIPG Stacks in MVSn TEAMn1 / USERn1 TCPIPT Stack TEAMn2 / USERn2 TCPIPG Stack Primary Userid Alternate Userid Primary Userid Alternate Userid MVS1: USER11 USER101 MVS1: USER12 USER102 MVS2: USER21 USER201 MVS2: USER22 USER202 MVS3: USER31 USER301 MVS3: USER32 USER302 MVS4: USER41 USER401 MVS4: USER42 USER402 MVS5: USER51 USER501 MVS5: USER52 USER502 MVS6: USER61 USER601 MVS6: USER62 USER602 MVS7: USER71 USER701 MVS7: USER72 USER702 n = Suffix of MVS Image Password: gbguser z/os hlq: USER.CS.xxx UNIX Subdirectory: /u/usernx ( nx is suffix of userid) 5
6 Assignment of Student IDs to TCPIPT in MVSn (TEAMn1) TEAMn1 / USERn1 Primary Userid MVS1: USER11 Users at TCPIPT Stack Telnet into TCPIP1 for Maintenance: Alternate Userid USER101 MVS2: USER21 MVS3: USER31 MVS4: USER41 MVS5: USER51 MVS6: USER61 MVS7: USER USER201 USER301 USER401 USER501 USER601 USER701 n = Suffix of MVS Image Password: gbguser z/os hlq: USER.CS.xxx UNIX Subdirectory: /u/usernx ( nx is suffix of userid) 6
7 Assignment of Student IDs to TCPIPG in MVSn (TEAMn2) TEAMn2 / USERn2 Primary Userid MVS1: USER12 Users at TCPIPG Stack Telnet into TCPIP1 for Maintenance: Alternate Userid USER102 MVS2: USER22 MVS3: USER32 MVS4: USER42 MVS5: USER52 MVS6: USER62 MVS7: USER USER202 USER302 USER402 USER502 USER602 USER702 n = Suffix of MVS Image Password: gbguser z/os hlq: USER.CS.xxx UNIX Subdirectory: /u/usernx ( nx is suffix of userid) 7
8 Key Ring Repository Scenarios (Key Rings and their Certificates) 8
9 Two Choices: Renew Expiring Certificate or Replace Private Key Renewing an expiring certificate When a certificate approaches its expiration date, you can renew the certificate and continue using it. You can choose to renew the certificate using the same private key, thereby extending the life of the private key. Retiring a private key Or you can retire the private key and replace it with a new private key (also called certificate rekeying or key rollover). Scenarios In Scenario 1 while using a discrete AT-TLS policy for address ranges for TCPIPT and for TCPIPG your AT-TLS connections work fine. Certificates are still valid. In Scenario 2 and using a 2 nd discrete AT-TLS policy for address ranges for TCPIPT and for TCPIPG your AT-TLS connections fail with SSL Return Code of 401. In Optional Scenario 3 we ask you to rekey ( rollover ) the FTP Server Certificate and test it. In Optional Scenario 4 while using a 3 rd discrete AT-TLS policy for address ranges for TCPIPT and for TCPIPG your AT-TLS connections fail with SSL Return Code of 401. RACF Prerequisites Authorization to the RACDCERT ROLLOVER, GENCERT, GENREQ, ALTER, REKEY commands and the SETROPTS command. Only the Instructor has authorization to the SETROPTS command, but the PROC named SPECUSER can issue the command on a student s behalf. Prior to the class, students are permitted appropriate temporary access to the facility classes for ALTER, REKEY, and ROLLOVER. 9
10 Scenario 1: Successful Key Ring and its Certificates FTP.DATA specifies Server Authentication Only Instructor MVS1 Policy Agent (AT-TLS Policies) TCPIP/Client_RING TCPIP/Client_RING MVS1 MVS1 LABS LABS Certificate Certificate Authority Authority TCPIP FTP Client on TCPIPT at (USERn01) FTP Client on TCPIPG at (USERn02) Student MVS2 MVS7 TCPIP n Policy Agent (AT-TLS Policies) FTPT Server on TCPIPT at n Administrator: USERn1 FTPG Server on TCPIPG at n Administrator: USERn2 FTPD/Server_RING FTPD/Server_RING FTP FTP Server Server on on MVS1-MVS7 MVS1-MVS7 MVS1 MVS1 LABS LABS Certificate Certificate Authority Authority 1. All Key Rings are shared and contain valid and trusted certificates that have not yet expired. 2. Testing between Source and Destination OSA Port addresses: TCPIPT: ; TCPIPG:
11 Scenario 2: Key Ring and Renewal of Expired FTP Server Certificate FTP.DATA specifies Server Authentication Only FTPD/FTPEXPn1_RING FTPServern1 EXP MVS1 LABS Certificate Authority Instructor MVS1 Policy Agent (AT-TLS Policies) TCPIP FTP Client on TCPIPT at (USERn01) FTP Client on TCPIPG at (USERn02) Student MVS2 MVS7 TCPIP n Policy Agent (AT-TLS Policies) FTPT Server on TCPIPT at n Administrator: USERn1 FTPG Server on TCPIPG at n Administrator: USERn2 TCPIP/Client_RING TCPIP/Client_RING MVS1 MVS1 LABS LABS Certificate Certificate Authority Authority SSL RC 401 FTPD/FTPEXPn2_RING FTPServern2 EXP MVS1 LABS Certificate Authority 1. The separate FTP Server Key Rings contain an expired FTP Server Certificate. The FTP Client Ring is shared. 2. You must change the expiration dates for these certificates by RENEWING them. The Public/Private keys remain intact. Addresses are VLINK1 addresses: TCPIPT: ; 11 TCPIPG:
12 Scenario 3 (Optional): Rekeying ( Rollover ) of Personal FTP Server Certificate Instructor MVS1 Policy Agent (AT-TLS Policies) FTP.DATA specifies Server Authentication Only TCPIP Student MVS2 MVS7 TCPIP n Policy Agent (AT-TLS Policies) FTPD/FTPEXPn1_RING FTPServern1 EXP [ FTPServern1 EXP-2 ] MVS1 LABS Certificate Authority FTP Client on TCPIPT at (USERn01) FTPT Server on TCPIPT at n Administrator: USERn1 TCPIP/Client_RING TCPIP/Client_RING MVS1 MVS1 LABS LABS Certificate Certificate Authority Authority FTP Client on TCPIPG at (USERn02) FTPG Server on TCPIPG at n Administrator: USERn2 FTPD/FTPEXPn2_RING FTPServern2 EXP [ FTPServern2 EXP-2 ] MVS1 LABS Certificate Authority 1. The separate FTP Server Certificates are associated with Private Keys that have been compromised. The FTP Client Key Ring is shared. 2. You must correct this certificate with a RENEW and then with a ROLLOVER and test. Addresses are VLINK1 addresses: TCPIPT: ; TCPIPG:
13 Scenario 4 (Optional): Rekeying ( Rollover ) of Certificate Authority & FTP Server Personal Certificates TCPIP/ClientEXPn1_RING ZOSn1 EXPCA [ ZOSn1 EXPCA-2 ] Instructor MVS1 Policy Agent (AT-TLS Policies) FTP.DATA specifies Server Authentication Only TCPIP Student MVS2 MVS7 TCPIP n Policy Agent (AT-TLS Policies) FTPD/FTPCAXn1_RING FTPServern1 EXPCA ZOSn1 EXPCA [ ZOSn1 EXPCA-2 ] FTP Client on TCPIPT at (USERn01) FTP Client on TCPIPG at (USERn02) FTPT Server on TCPIPT at n Administrator: USERn1 FTPG Server on TCPIPG at n Administrator: USERn2 TCPIP/ClientEXPn2_RING ZOSn2 EXPCA [ ZOSn2 EXPCA-2 ] 1. The separate FTP Server Key Rings **and** the separate Client Key Rings contain expired FTP Server and CA certificates. 2. You must RENEW both certificates & REKEY the CA certificate. Then you must test the results with VLINK2 addresses: TCPIPT: ; TCPIPG: FTPD/FTPCAXn2_RING FTPServern2 EXPCA ZOSn2 EXPCA [ ZOSn2 EXPCA-2 ]
14 APPENDIX A: Addresses for MVS1 MVS7 in TCPIPT and TCPIPG 14
15 MVS1 Addresses and (Sub)Networks - Instructor MVS - TCPIPT At Control or Maintenance TCPIP1: Telnet Address is At Customizable TCPIPT: Static VIPAs: VLINK / 24 VLINK / Base-T OSA Interface: GIG1F/LGIG1F (aka OSDGIG1F) / 24 Dynamic XCF Interfaces (incl. Dynamic HiperSocket): EZASAMEMVS / 24 IQDIOLNK n / 24 Predefined HiperSocket: HSDELNK / 24 Loopback: LOOPBACK / 24 Default Gateway: / 24 15
16 MVS1 Addresses and (Sub)Networks - Instructor MVS - TCPIPG At Control or Maintenance TCPIP1: Telnet Address is At Customizable TCPIPG: Static VIPAs: VLINK / 24 VLINK / Base-T OSA Interface: GIG1F/LGIG1F (aka OSDGIG1F) / 24 Dynamic XCF Interfaces (incl. Dynamic HiperSocket): EZASAMEMVS / 24 IQDIOLNK n / 24 Predefined HiperSocket: HSDELNK / 24 Loopback: LOOPBACK / 24 Default Gateway: / 24 16
17 Student MVS2 Addresses and (Sub)Networks TCPIPT At Control or Maintenance TCPIP1: Telnet Address is At Customizable TCPIPG: Student USERID = USER21 TSO Password = gbguser UNIX Subdirectory = /u/user21 Telnet to Alternate USERID = USER201 Static VIPAs: VLINK / 24 VLINK / Base-T OSA Interface: GIG1F/LGIG1F (aka OSDGIG1F) / 24 Dynamic XCF Interfaces (incl. Dynamic HiperSocket): EZASAMEMVS / 24 IQDIOLNK n / 24 Predefined HiperSocket: HSDELNK / 24 Loopback: LOOPBACK / 24 Default Gateway: / 24 17
18 Student MVS2 Addresses and (Sub)Networks TCPIPG At Control or Maintenance TCPIP1: Telnet Address is At Customizable TCPIPG: Student USERID = USER22 TSO Password = gbguser UNIX Subdirectory = /u/user22 Telnet to Alternate USERID = USER202 Static VIPAs: VLINK / 24 VLINK / Base-T OSA Interface: GIG1F/LGIG1F (aka OSDGIG1F) / 24 Dynamic XCF Interfaces (incl. Dynamic HiperSocket): EZASAMEMVS / 24 IQDIOLNK n / 24 Predefined HiperSocket: HSDELNK / 24 Loopback: LOOPBACK / 24 Default Gateway: / 24 18
19 Student MVS3 Addresses and (Sub)Networks TCPIPT At Control or Maintenance TCPIP1: Telnet Address is At Customizable TCPIPG: Student USERID = USER31 TSO Password = gbguser UNIX Subdirectory = /u/user31 Telnet to Alternate USERID = USER301 Static VIPAs: VLINK / 24 VLINK / Base-T OSA Interface: GIG1F/LGIG1F (aka OSDGIG1F) / 24 Dynamic XCF Interfaces (incl. Dynamic HiperSocket): EZASAMEMVS / 24 IQDIOLNK n / 24 Predefined HiperSocket: HSDELNK / 24 Loopback: LOOPBACK / 24 Default Gateway: / 24 19
20 Student MVS3 Addresses and (Sub)Networks TCPIPG At Control or Maintenance TCPIP1: Telnet Address is At Customizable TCPIPG: Student USERID = USER32 TSO Password = gbguser UNIX Subdirectory = /u/user32 Telnet to Alternate USERID = USER302 Static VIPAs: VLINK / 24 VLINK / Base-T OSA Interface: GIG1F/LGIG1F (aka OSDGIG1F) / 24 Dynamic XCF Interfaces (incl. Dynamic HiperSocket): EZASAMEMVS / 24 IQDIOLNK n / 24 Predefined HiperSocket: HSDELNK / 24 Loopback: LOOPBACK / 24 Default Gateway: / 24 20
21 Student MVS4 Addresses and (Sub)Networks TCPIPT At Control or Maintenance TCPIP1: Telnet Address is At Customizable TCPIPG: Student USERID = USER41 TSO Password = gbguser UNIX Subdirectory = /u/user41 Telnet to Alternate USERID = USER401 Static VIPAs: VLINK / 24 VLINK / Base-T OSA Interface: GIG1F/LGIG1F (aka OSDGIG1F) / 24 Dynamic XCF Interfaces (incl. Dynamic HiperSocket): EZASAMEMVS / 24 IQDIOLNK n / 24 Predefined HiperSocket: HSDELNK / 24 Loopback: LOOPBACK / 24 Default Gateway: / 24 21
22 Student MVS4 Addresses and (Sub)Networks TCPIPG At Control or Maintenance TCPIP1: Telnet Address is At Customizable TCPIPG: Student USERID = USER42 TSO Password = gbguser UNIX Subdirectory = /u/user42 Telnet to Alternate USERID = USER402 Static VIPAs: VLINK / 24 VLINK / Base-T OSA Interface: GIG1F/LGIG1F (aka OSDGIG1F) / 24 Dynamic XCF Interfaces (incl. Dynamic HiperSocket): EZASAMEMVS / 24 IQDIOLNK n / 24 Predefined HiperSocket: HSDELNK / 24 Loopback: LOOPBACK / 24 Default Gateway: / 24 22
23 Student MVS5 Addresses and (Sub)Networks TCPIPT At Control or Maintenance TCPIP1: Telnet Address is At Customizable TCPIPG: Student USERID = USER51 TSO Password = gbguser UNIX Subdirectory = /u/user51 Telnet to Alternate USERID = USER501 Static VIPAs: VLINK / 24 VLINK / Base-T OSA Interface: GIG1F/LGIG1F (aka OSDGIG1F) / 24 Dynamic XCF Interfaces (incl. Dynamic HiperSocket): EZASAMEMVS / 24 IQDIOLNK n / 24 Predefined HiperSocket: HSDELNK / 24 Loopback: LOOPBACK / 24 Default Gateway: / 24 23
24 Student MVS5 Addresses and (Sub)Networks TCPIPG At Control or Maintenance TCPIP1: Telnet Address is At Customizable TCPIPG: Student USERID = USER52 TSO Password = gbguser UNIX Subdirectory = /u/user52 Telnet to Alternate USERID = USER502 Static VIPAs: VLINK / 24 VLINK / Base-T OSA Interface: GIG1F/LGIG1F (aka OSDGIG1F) / 24 Dynamic XCF Interfaces (incl. Dynamic HiperSocket): EZASAMEMVS / 24 IQDIOLNK n / 24 Predefined HiperSocket: HSDELNK / 24 Loopback: LOOPBACK / 24 Default Gateway: / 24 24
25 Student MVS6 Addresses and (Sub)Networks TCPIPT At Control or Maintenance TCPIP1: Telnet Address is At Customizable TCPIPG: Student USERID = USER61 TSO Password = gbguser UNIX Subdirectory = /u/user61 Telnet to Alternate USERID = USER601 Static VIPAs: VLINK / 24 VLINK / Base-T OSA Interface: GIG1F/LGIG1F (aka OSDGIG1F) / 24 Dynamic XCF Interfaces (incl. Dynamic HiperSocket): EZASAMEMVS / 24 IQDIOLNK n / 24 Predefined HiperSocket: HSDELNK / 24 Loopback: LOOPBACK / 24 Default Gateway: / 24 25
26 Student MVS6 Addresses and (Sub)Networks TCPIPG At Control or Maintenance TCPIP1: Telnet Address is At Customizable TCPIPG: Student USERID = USER62 TSO Password = gbguser UNIX Subdirectory = /u/user62 Telnet to Alternate USERID = USER602 Static VIPAs: VLINK / 24 VLINK / Base-T OSA Interface: GIG1F/LGIG1F (aka OSDGIG1F) / 24 Dynamic XCF Interfaces (incl. Dynamic HiperSocket): EZASAMEMVS / 24 IQDIOLNK n / 24 Predefined HiperSocket: HSDELNK / 24 Loopback: LOOPBACK / 24 Default Gateway: / 24 26
27 Student MVS7 Addresses and (Sub)Networks TCPIPT At Control or Maintenance TCPIP1: Telnet Address is At Customizable TCPIPG: Student USERID = USER71 TSO Password = gbguser UNIX Subdirectory = /u/user71 Telnet to Alternate USERID = USER701 Static VIPAs: VLINK / 24 VLINK / Base-T OSA Interface: GIG1F/LGIG1F (aka OSDGIG1F) / 24 Dynamic XCF Interfaces (incl. Dynamic HiperSocket): EZASAMEMVS / 24 IQDIOLNK n / 24 Predefined HiperSocket: HSDELNK / 24 Loopback: LOOPBACK / 24 Default Gateway: / 24 27
28 Student MVS7 Addresses and (Sub)Networks TCPIPG At Control or Maintenance TCPIP1: Telnet Address is At Customizable TCPIPG: Student USERID = USER72 TSO Password = gbguser UNIX Subdirectory = /u/user72 Telnet to Alternate USERID = USER702 Static VIPAs: VLINK / 24 VLINK / Base-T OSA Interface: GIG1F/LGIG1F (aka OSDGIG1F) / 24 Dynamic XCF Interfaces (incl. Dynamic HiperSocket): EZASAMEMVS / 24 IQDIOLNK n / 24 Predefined HiperSocket: HSDELNK / 24 Loopback: LOOPBACK / 24 Default Gateway: / 24 28
29 APPENDIX B: Setup Jobs & References 29
30 Instructor-run Jobs Prior to Lab At MVS1: SYS1.CS.CNTL(RACFPSEC) -- against shared RACF Database from one system SYS1.CS.CNTL(RACFP100) -- against shared RACF Database from one system SYS1.CS.CNTL(RACFSIZE) -- against shared RACF Database """"""""" NOTE: Your instructor will already have initialized the following procedures at MVS1 the system from which you will be testing: /s TCPIP1 and /s TN3270 and /s FTPCCL /s PAGENTT /S TCPIPT,PROF=TCPSn1,CS=SYS1 /V TCPIP,TCPIPT,O,SYS1.CS.TCPPARMS(TLSON) /s FTPT,cs=sys1,fdat=ftpSAUTH,data=dat1a /S TCPIPG,PROF=TCPSn2,CS=SYS1 /V TCPIP,TCPIPT,O,SYS1.CS.TCPPARMS(TLSON) /s FTPG,cs=sys1,fdat=ftpSAUTH,data=datag /S tn3270t TN3270T PROC PARMS='CTRACE(CTIEZBTN)',PROF=TN&CL1.A,CS=SYS1, DATA=DAT&CL1.A UNIX Copy Jobs for Policy Agent Setup and Policies at all systems /BACKUP/CSPOLICY/CERTREFRESH/ussCERTREFRESH.sh On Your MVS: 1) Your instructor will also have run one script to clear out the student directories from a previous lab offering. 1) EMPTYCER (copies skeletons into student datasets on unique volumes) 1) Must be run at each MVS: MVS2-MVS7 2) /s TCPIP1 and /s TN3270 and /s FTPCCL 2) /s PAGENTT /S TCPIPT, CS=SYS1,PROF=TCPSn1 /V TCPIP,TCPIPT,O,SYS1.CS.TCPPARMS(TLSON) /s FTPT,cs=sys1,fdat=FTPSAUTH,data=dat1a /S TCPIPG, CS=SYS1,PROF=TCPSn2 /V TCPIP,TCPIPT,O,SYS1.CS.TCPPARMS(TLSON) /s FTPG,cs=sys1,fdat=FTPSAUTH,data=datag FTP.DATA of FTPSAUTH specifies Server Authentication Only OTHER INFORMATION: SCENARIO 1 Command for TEST: ===> ftp -r TLS -f "//'sys1.cs.tcpparms(ftpclsec)'" -p TCPIPT -s /s SPECUSER = procedure to execute SETROPTS with Special User Authority 30
31 Instructor Jobs Used to Create Pre-Existing Certificates and Rings At MVS1 Shared RACF Database: SYS1.CS.CNTL(RACDCLR1) //****FOR EXERCISE ON REKEYING/REFRESHING CA and Server CERTS ********** //* Creates Generic Client Ring with only CA connected to it * //* Creates Individual Client Rings with only CA connected to them * //********************************************************************* SYS1.CS.CNTL(RACDFTPX) //****FOR EXERCISE ON REKEYING/REFRESHING SERVER CERTIFICATES ********* //* TCPIPT: Create Individual Personal Certificate for FTP Server 11 * //* USER11.. USING EXPIRED FTP Server Certificate * //* TCPIPG: Create Individual Personal Certificate for FTP Server 12 * //* USER12.. USING EXPIRED FTP Server Certificate * //********************************************************************* SYS1.CS.CNTL(RACDCAX) //****FOR EXERCISE ON REKEYING/REFRESHING CA and Server CERTS ********* //* TCPIPT: Create CA and FTP Server Certs that are both expired * //* USER11.. USING EXPIRED FTP Server Certificate * //* TCPIPG: Create CA and FTP Server Certs that are both expired * //* USER12.. USING EXPIRED FTP Server Certificate * //********************************************************************* 31
32 Instructor Jobs Used to Create Pre-Existing Certificates and Rings At MVS1 Shared RACF Database: SYS1.CS.CNTL(RACDFTPA) //****FOR EXERCISE ON REKEYING/REFRESHING CA and Server CERTS ******** //* Creates Generic SERVER CERT for FTP SERVER on MVS1-7 * //* Creates Generic SERVER Ring with CACERT and Generic FTP SRVCERT * //****** THIS NEVER NEEDS A CLEANUP ********************************* //******************************************************************** SYS1.CS.CNTL(RACDFTPX) //****FOR EXERCISE ON REKEYING/REFRESHING SERVER CERTIFICATES ********* //* TCPIPT: Create Individual Personal Certificate for FTP Server 11 * //* USER11.. USING EXPIRED FTP Server Certificate * //* TCPIPG: Create Individual Personal Certificate for FTP Server 12 * //* USER12.. USING EXPIRED FTP Server Certificate * //********************************************************************* SYS1.CS.CNTL(RACDCAX) //****FOR EXERCISE ON REKEYING/REFRESHING CA and Server CERTS ********* //* TCPIPT: Create CA and FTP Server Certs that are both expired * //* USER11.. USING EXPIRED FTP Server Certificate * //* TCPIPG: Create CA and FTP Server Certs that are both expired * //* USER12.. USING EXPIRED FTP Server Certificate * //********************************************************************* 32
33 Instructor Jobs Used to Create Pre-Existing Certificates and Rings At MVS1 Shared RACF Database: SYS1.CS.CNTL(RACDDEL2) //****FOR SCENARIO 2 REKEYING/REFRESHING CA and Server CERTS ********* //* Deletes the student Server Key Rings from previous class * //* Deletes the student FTPServer Certificates from RACF Repository * //****** RERUN THE JOB RACDFTPX TO DO the FOLLOWING ************** //* Recreates student FTPServer Certificate with Expired Dates * //* Recreates the Server Key Rings and connects certificates * //********************************************************************* SYS1.CS.CNTL(RACDDEL4) //****FOR SCENARIO 4 REKEYING/REFRESHING CA and Server CERTS ********* //* Deletes the student Client Key Rings from previous class * //* Deletes the student Server Key Rings from previous class * //* Deletes the student FTPServer Certificates from RACF Repository * //* Deletes the old and rolled over CA Certificates (RACF Repository) * //* Recreates the CA Certificate which students later rollover * //* Recreates student FTPServer Certificate with Expired Dates * //* Recreates the Client Key Rings and connects certificates * //* Recreates the Server Key Rings and connects certificates * //********************************************************************* SYS1.CS.CNTL(RACDCLR2) //****FOR EXERCISE ON REKEYING/REFRESHING CA and Server CERTS ********** //* Creates INDIVIDUAL Client Rings with only CA connected to them * //*********** THE CLIENTS WILL NEED TO REFRESH THIS KEYRING ********** //*********** with a renewed and rekeyed certificate ********** //********************************************************************* 33
34 END OF LAB 12895: Rekeying and Renewing Your Expired Digital Certificates in RACF Hands-on Lab Intro Gwen Dente, IBM Advanced Technical Skills Tuesday, February 5, 2013: 09:30 AM - 10:30 AM, HIL, Union Square 23-24, Fourth Floor Session Number In this 1 st Document: Read Descriptions of 2 required Scenarios (pp. 9-12). Find your team s IPv4 interfaces and addresses (pp ). In the 2 nd Document: Lab starts on page 15 34
Session Creating, Renewing, and Testing x.509 Digital Certificates with RACF
Session 13542 Creating, Renewing, and Testing x.509 Digital Certificates with RACF Intro to Hands-on Renew Certificate Lab (Part 2) Gwendolyn J. Dente (gdente@us.ibm.com) IBM Advanced Technical Sales Support
More informationIPv6 Configuration on z/os Hands-on Lab Introduction
SHARE San Francisco 2013 Session 12861 IPv6 Configuration on z/os Hands-on Lab Introduction Find your team s assigned IPv6 addresses in this 1 st Document (pp. 9-15). Lab starts on page 9 of 2 nd Document.
More informationIPv6 Configuration on z/os Hands-on Lab Introduction
Smarter Systems for a Smarter Planet SHARE Anaheim 2012 Session 11351 IPv6 Configuration on z/os Hands-on Lab Introduction IMPORTANT: Speaker: Gwendolyn J. Dente (gdente@us.ibm.com) IBM Advanced Technical
More informationIPv6 Configuration on z/os Hands-on Lab Introduction
Smarter Systems for a Smarter Planet SHARE Atlanta 2012 Session 10836 IPv6 Configuration on z/os Hands-on Lab Introduction IMPORTANT: Speaker: Gwendolyn J. Dente (gdente@us.ibm.com) IBM Advanced Technical
More informationHands-on Lab: Setting up the z/os LDAP Server with the dsconfig utility.
Hands-on Lab: Setting up the z/os LDAP Server with the dsconfig utility. Background: The z/os LDAP server was introduced several years ago. It was a standard LDAP v3 server with support for LDAP v2 if
More informationLab Overview In this lab, you will learn how to perform the following tasks with Encryption Facility for z/os:
Lab Overview In this lab, you will learn how to perform the following tasks with Encryption Facility for z/os: Creating an OpenPGP Keyring Creating new RSA key pairs Creating OpenPGP certificates Exporting
More informationObjectives of this Lab
Objectives of this Lab In this Lab you will learn how to perform the following tasks with Encryption Facility for z/os: Creating a Java Keystore Creating an OpenPGP Keyring Creating new RSA key pairs Creating
More informationCA ACF2 for z/os Adapter Installation and Configuration Guide
IBM Security Identity Manager Version 6.0 CA ACF2 for z/os Adapter Installation and Configuration Guide SC27-4383-01 IBM Security Identity Manager Version 6.0 CA ACF2 for z/os Adapter Installation and
More informationProtocol Comparisons: OpenSSH, SSL/TLS (AT-TLS), IPSec
Protocol Comparisons: OpenSSH, SSL/TLS (AT-TLS), IPSec Author: Gwen Dente, IBM Gaithersburg, MD Acknowledgments: Alfred Christensen, IBM Erin Farr, IBM Christopher Meyer, IBM Linwood Overby, IBM Richard
More informationRACF Adapter Installation and Configuration Guide
IBM Security Identity Manager Version 6.0 RACF Adapter Installation and Configuration Guide SC27-4407-02 IBM Security Identity Manager Version 6.0 RACF Adapter Installation and Configuration Guide SC27-4407-02
More informationRumba 9.3: Certificate Express Logon. Quick Start Guide
Rumba 9.3: Certificate Express Logon Quick Start Guide Micro Focus The Lawn 22-30 Old Bath Road Newbury, Berkshire RG14 1QN UK http://www.microfocus.com Copyright Micro Focus 1984-2014. All rights reserved.
More informationEnabling AT-TLS encrypted communication between z/os and IBM Guardium Appliance
Enabling AT-TLS encrypted communication between z/os and IBM Guardium Appliance Purpose of this document: This document is an example of how to configure encrypted communication between z/os using AT-TLS
More informationIBM Tivoli Monitoring for Transaction Performance: z/os Management Agent Addendum
IBM Tioli Monitoring for Transaction Performance: z/os Management Agent Addendum IBM Tioli Monitoring for Transaction Performance, Version 5.2 with Fix pack 5.2-WTP-FP01 now supports management agents
More informationMike Loos Consulting IT Specialist WebSphere on z/os
Configuring in WebSphere Application Server V6.1 for z/os An example Configuration of fine grained security using the WSADMIN tool with Jython commands. Mike Loos Consulting IT Specialist WebSphere on
More informationUpdating Your Windows Server 2003 Technology Skills to Windows Server 2008
6416D: Updating Your Windows Server 2003 Technology Skills to Windows Server 2008 Page 1 of 10 Updating Your Windows Server 2003 Technology Skills to Windows Server 2008 Course 6416D: 4 days; Instructor-Led
More informationIBM. User's Guide. IBM Explorer for z/os. Version 3 Release 0 SC
IBM Explorer for z/os IBM User's Guide Version 3 Release 0 SC27-8431-01 IBM Explorer for z/os IBM User's Guide Version 3 Release 0 SC27-8431-01 Note Before using this information, be sure to read the
More informationGwendolyn Dente:
Gwendolyn Dente: gdente@us.ibm.com 1 System z Social Media Channels Top Facebook pages related to System z: IBM System z IBM Academic Initiative System z IBM Master the Mainframe Contest IBM Destination
More informationInstructions for Enabling WebSphere for z/os V8 for Hardware Cryptography
OVERVIEW This paper is intended to document the steps needed to enable the Case 3 configuration described in Techdocs paper TD101213. That paper was originally published for WebSphere for z/os V6.1. Numerous
More informationInstructions for Enabling WebSphere for z/os V7 for Hardware Cryptography
OVERVIEW This paper is intended to document the steps needed to enable the Case 3 configuration described in Techdocs paper TD101213. That paper was originally published for WebSphere for z/os V6.1. Numerous
More informationLab 1.3.2: Review of Concepts from Exploration 1 - Challenge
Lab 1.3.2: Review of Concepts from Exploration 1 - Challenge Topology Diagram Learning Objectives Upon completion of this lab, you will be able to: Create a logical topology given network requirements
More informationIBM Education Assistance for z/os V2R2
IBM Education Assistance for z/os V2R2 Item: NAS PKINIT Element/Component: NAS (Kerberos) Material current as of May 2015 Agenda Trademarks Presentation Objectives Overview Usage & Invocation Interactions
More informationManage your Workloads and Performance with z/osmf
Manage your Workloads and Performance with z/osmf Stefan Wirag (stefan.wirag@de.ibm.com) IBM Corporation Friday, March 4, 2011 Session 8859 z/os Management Facility The IBM z/os Management Facility provides
More informationHands-On TCP/IP Networking
Hands-On Course Description In this Hands-On TCP/IP course, the student will work on a live TCP/IP network, reinforcing the discussed subject material. TCP/IP is the communications protocol suite on which
More informationMainframe Installation Guide. Version 6.0, November 2003
Mainframe Installation Guide Version 6.0, November 2003 IONA, IONA Technologies, the IONA logo, Orbix, Orbix/E, Orbacus, Artix, Orchestrator, Mobile Orchestrator, Enterprise Integrator, Adaptive Runtime
More informationConfiguring Health Checker for z/os Hands-on Lab
Configuring Health Checker for z/os Hands-on Lab Gordon Daniel NewEra Software, Inc. August 9, 2011 Session 9680 Introduction Hopefully you have some knowledge of the Health Checker and what it does. If
More informationInternational Technical Support Organization. IBM System Storage Tape Encryption Solutions. May 2009 SG
International Technical Support Organization IBM System Storage Tape Encryption Solutions May 2009 SG24-7320-02 Contents Notices Trademarks xiii xiv Preface xv The team that wrote this book xv Become a
More informationIBM HTTP Server V7 and the RACF Auto- Registration Application
IBM HTTP Server V7 and the RACF Auto- Registration Application This document can be found on the web, www.ibm.com/support/techdocs Document ID: PRS4791 October 14, 2011 Mike Kearney Overview In 1996, IBM
More informationUsing the z/os SMB Server to Access z/os Data from Windows Hands-On Lab. Lab prepared by Jim Showalter and Karl Lavo
Session 11572 Using the z/os SMB Server to Access z/os Data from Windows Hands-On Lab Lab prepared by Jim Showalter and Karl Lavo 1 2012 IBM Corporation Trademark Information The following are trademarks
More informationIMPLEMENTING A DESKTOP INFRASTRUCTURE. Course: 20415A Duration: 5 Days; Instructor-led
CENTER OF KNOWLEDGE, PATH TO SUCCESS Website: IMPLEMENTING A DESKTOP INFRASTRUCTURE Course: 20415A Duration: 5 Days; Instructor-led WHAT YOU WILL LEARN This 5-day instructor-led course provides you with
More informationMicrosoft Updating Your Windows Server 2003 Technology Skills to Windows Server 2008
1800 ULEARN (853 276) www.ddls.com.au Microsoft 6416 - Updating Your Windows Server 2003 Technology Skills to Windows Server 2008 Length 5 days Price $4290.00 (inc GST) Overview This five-day instructor-led
More informationCICS Explorer. Matthew Webster IBM Thursday, February 7, IBM Corporation
CICS Explorer Matthew Webster IBM Thursday, February 7, 2013 12426 http://www.linkedin.com/pub/matthew-webster/31/b09/b16 2013 IBM Corporation CICS Explorer Looking for new ways to accelerate the transfer
More informationVMware Horizon 7 Administration Training
VMware Horizon 7 Administration Training Course Course Duration : 20 Working Days Class Duration : 3 hours per day Fast Track: - Course duration 10days (Per day 8 hours) Get Fee Details Module 1: Introduction
More informationIBM Rational Developer for System z PROC Validation
RDz Workstation / Host Component Validation IBM Rational Developer for System z PROC Validation Checklist #3 Version V1.3 February 27, 2012 The home location for this document is in the RDz Server Health
More informationAutomated Sign-on for Mainframe Administrator Guide
Automated Sign-on for Mainframe Administrator Guide 12.5.1 For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy,
More informationThe Domino Certificate Authority Key Rollover Process. Author: Graham Farrell IBM Domino server Support Engineer
The Domino Certificate Authority Key Rollover Process Author: Graham Farrell IBM Domino server Support Engineer 1 Introduction.... 3 Terms and Abbreviations... 4 The Domino Certificate Authority and The
More informationConfiguring, Managing, and Maintaining Windows Server 2008 R2 Servers
Configuring, Managing, and Maintaining Windows Server 2008 R2 Servers Course 6419B - Five Days - Instructor-led - Hands on Introduction This five-day instructor-led course provides students with the knowledge
More informationUnderstanding VLANs when Sharing OSA Ports on System z
Understanding VLANs when Sharing OSA Ports on System z Gwen Dente, IBM Advanced Technical Support Washington Systems Center, Gaithersburg, MD 20879 Scenarios compiled by Gwen Dente, IBM Advanced Technical
More informationUni Hamburg Mainframe Summit z/os The Mainframe Operating. Part 2 TSO, ISPF und Unix Shell. Introduction to the new mainframe
Uni Hamburg Mainframe Summit z/os The Mainframe Operating Chapter 4: Interactive facilities of z/os: TSO/E, ISPF, and UNIX Part 2 TSO, ISPF und Unix Shell Michael Großmann IBM Technical Sales Mainframe
More informationImplementing Microsoft Internet Security and Acceleration Server 2004
Implementing Microsoft Internet Security and Acceleration Key Data Course #: 2824 Number of Days: 5 Format: Instructor-Led Certification Track: This course will also help to prepare individuals pursuing
More informationLinux Installation Planning
Linux Installation Planning Mark Post Novell, Inc. March 4, 2011 Session 8986 Agenda More Questions Than Answers First Things First Pick the Right Architecture Disk Storage Selection Application Selection
More informationNE-2277 Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure: Network Services
NE-2277 Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure: Network Services Summary Duration 5 Days Audience IT Professionals Level 300 Technology Microsoft
More informationSharing Secrets using Encryption Facility - Handson
Sharing Secrets using Encryption Facility - Handson Lab Steven R. Hart IBM March 12, 2014 Session Number 14963 Encryption Facility for z/os Encryption Facility for z/os is a host based software solution
More informationDatapower is both a security appliance & can provide a firewall mechanism to get into Systems of Record
1 2 3 Datapower is both a security appliance & can provide a firewall mechanism to get into Systems of Record 5 White boxes show the access points for different kinds of security. That s what we will
More informationConfiguring, Managing and Maintaining Windows Server 2008-based Servers (Course 6419)
Length: 5 Days About this Course This five-day instructor-led course provides students with the knowledge and skills that are required to manage accounts and resources, maintain server resources, monitor
More informationContents. Part 1: Introduction to the Express Logon Feature
Setting up and Using the IBM Express Logon Feature Contents Part 1: Introduction to the Express Logon Feature 1.1 General Requirements 1.2 Overview of Express Logon Feature 1.2.1 Flow Description 1.2.2
More informationz/vm Security and Integrity
Alan Altmark, z/vm Architecture and Design Alan_Altmark@us.ibm.com Trademarks STG Technical Conferences 2009 The following are trademarks of the International Business Machines Corporation in the United
More informationBsafe/Enterprise Security Enhancements v.6.1
Bsafe/Enterprise Security Enhancements v.6.1 For IBM i, IBM z and CPA Overview Overview More functionality. Improved usability. More reporting power. Platform Oriented Navigation Platform Oriented Navigation
More informationDigital Certificates Demystified
Digital Certificates Demystified Ross Cooper, CISSP IBM Corporation RACF/PKI Development Poughkeepsie, NY Email: rdc@us.ibm.com August 9 th, 2012 Session 11622 Agenda Cryptography What are Digital Certificates
More informationIBM. Common Component Customization Guide and User Guide. Problem Determination Tools for z/os. Version 1 Release 7 SC
Problem Determination Tools for z/os IBM Common Component Customization Guide and User Guide Version 1 Release 7 SC19-4159-05 Problem Determination Tools for z/os IBM Common Component Customization Guide
More informationIntegrating the Hardware Management Console s Broadband Remote Support Facility into your Enterprise
System z Integrating the Hardware Management Console s Broadband Remote Support Facility into your Enterprise SC28-6880-00 System z Integrating the Hardware Management Console s Broadband Remote Support
More informationInstructor Information for
Instructor Information for zseries University System Document Release: / DRAFT 11-Mar-07 Document Owner Michael Grossmann IBM Germany +49 (0) 171-5601157 grossman@de.ibm.com ZEUS_Access.doc 1 Contents
More informationz/os Management Facility demonstration
z/os Management Facility demonstration June, 2016 Agenda IBM eserver pseries z/os Management Facility: definition and functions z/osmf: a Web application running inside z/os -> demo - MVS view - Web user
More informationIBM. Sendmail to CSSMTP bridge. z/os Communications Server. Version 2 Release 1
z/os Communications Server IBM Sendmail to CSSMTP bridge Version 2 Release 1 Note: Links to related publications are from original documents and might not work. The links to publications are included for
More informationUnderstanding z/osmf for the Performance Management Sysprog
Glenn Anderson, IBM Lab Services and Training Understanding z/osmf for the Performance Management Sysprog Winter SHARE March 2014 Session 55220 z/osmf: the z/os Management Facility z/osmf is a new product
More informationSecuring Mainframe File Transfers and TN3270
Securing Mainframe File Transfers and TN3270 with SSH Tectia Server for IBM z/os White Paper October 2007 SSH Tectia provides a versatile, enterprise-class Secure Shell protocol (SSH2) implementation for
More informationF5 Networks F5LTM12: F5 Networks Configuring BIG-IP LTM: Local Traffic Manager. Upcoming Dates. Course Description. Course Outline
F5 Networks F5LTM12: F5 Networks Configuring BIG-IP LTM: Local Traffic Manager This course gives network professionals a functional understanding of BIG-IP Local Traffic Manager, introducing students to
More informationIBM Process Server Components
Unit 3 - Network Deployment Process Server Configuration IBM Business Process Manager for z/os V8.5 'Advanced-Only' What you Will build DMgr B#Cell B#DMnode B#nodeA Cluster (DE) SR01 AdvOnly Server SR01A
More informationDesigning and Managing a Windows Public Key Infrastructure
Designing and Managing a Windows Public Key Infrastructure Key Data Course #: 2821A Number of Days: 4 Format: Instructor-Led Certification Track: Exam 70-214: Implementing and Managing Security in a Windows
More informationIBM z/os Management Facility Hands-on Lab
IBM z/os Management Facility Hands-on Lab Session 9075 SHARE in Anaheim March 2011 Anuja Deedwaniya anujad@us.ibm.com Page 1 of 45 Lab Agenda Brief overview of z/osmf Start the hands on Lab Logon to z/osmf
More informationIBM. Security Digital Certificate Manager. IBM i 7.1
IBM IBM i Security Digital Certificate Manager 7.1 IBM IBM i Security Digital Certificate Manager 7.1 Note Before using this information and the product it supports, be sure to read the information in
More information20745B: Implementing a Software- Defined DataCenter Using System Center Virtual Machine Manager
20745B: Implementing a Software- Defined DataCenter Using System Center Virtual Machine Manager Duration: 5 days; Instructor-led Familiarity with Windows Server and Windows Server administration An understanding
More informationWorkspace ONE UEM Notification Service 2. VMware Workspace ONE UEM 1811
Workspace ONE UEM Email Notification Service 2 VMware Workspace ONE UEM 1811 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments
More informationSecuring Connections for IBM Traveler Apps. Bill Wimer STSM for IBM Collaboration Solutions December 13, 2016
Securing Connections for IBM Traveler Apps Bill Wimer (bwimer@us.ibm.com), STSM for IBM Collaboration Solutions December 13, 2016 IBM Technote Article #21989980 Securing Connections for IBM Traveler mobile
More informationConfiguring and Troubleshooting Windows Server 2008 Active Directory Domain Services (Course 6425A)
Duration Five days Introduction This five-day instructor-led course provides to teach Active Directory Technology Specialists with the knowledge and skills to configure in a distributed environment, implement
More informationIBM z/os Management Facility V2R1 Solution Guide IBM Redbooks Solution Guide
IBM z/os Management Facility V2R1 Solution Guide IBM Redbooks Solution Guide z/osmf is a product for IBM z/os that simplifies, optimizes, and modernizes the z/os system programmer experience. z/osmf delivers
More information6421A: Configuring and Troubleshooting a Windows Server 2008 Network Infrastructure
www.peaksolutions.com 6421A: Configuring and Troubleshooting a Windows Server 2008 Network Infrastructure Course 6421A: Five days; Instructor-Led Introduction This five-day instructor-led course provides
More informationRevision History: Original material produced for Lotus Notes and Lotus Domino Release
Disclaimer THIS DOCUMENTATION IS PROVIDED FOR REFERENCE PURPOSES ONLY. WHILE EFFORTS WERE MADE TO VERIFY THE COMPLETENESS AND ACCURACY OF THE INFORMATION CONTAINED IN THIS DOCUMENTATION, THIS DOCUMENTATION
More informationMicrosoft Configuring, Managing and Maintaining Windows Server 2008
1800 ULEARN (853 276) www.ddls.com.au Microsoft 6419 - Configuring, Managing and Maintaining Windows Server 2008 Length 5 days Price $4290.00 (inc GST) Overview This five-day instructor-led course provides
More information8.9.2 Lab: Configure an Ethernet NIC to use DHCP in Windows Vista
8.9.2 Lab: Configure an Ethernet NIC to use DHCP in Windows Vista Introduction If Vista is not available in your classroom, you may complete this lab by viewing the figures in this document. Print and
More informationIBM. PDF file of IBM Knowledge Center topics. IBM Operations Analytics for z Systems. Version 2 Release 2
IBM Operations Analytics for z Systems IBM PDF file of IBM Knowledge Center topics Version 2 Release 2 IBM Operations Analytics for z Systems IBM PDF file of IBM Knowledge Center topics Version 2 Release
More informationLOWER THE COST OF PROVIDING z/os SERVICES
TITLE INTEGRITY CONTROLS ENVIRONMENT The Four Pillars of z/os Operational Integrity MAINTAIN AND INCREASE z/os AVAILABILITY High availability is one of the cornerstones of the IBM mainframe and z operating
More informationAPA Automatic Nomination System. FTPS Access Request. For Gas Transmission Customers
APA Automatic Nomination System FTPS Access Request For Gas Transmission Customers Version: v0.7 Date: 29 th November 2012 All rights reserved. No part of this document may be reproduced, stored in a retrieval
More informationMicrosoft OWA 2013 IIS Integration
Microsoft OWA 2013 IIS Integration Contents 1 Introduction 2 Compatibility 3 Prerequisites 4 File Downloads 5 Architecture 6 Installation 6.1 Software Installation 6.2 Configuration of the IIS Filter 6.2.1
More informationAdministrator Accounts
Administrator Accounts Contents Overview... 2 ACL Permissions Overview... 3 Changing the Default Admin Password... 3 ACL Permission Levels... 4 Creating an Adminstrator Class... 4 Administrator Class Examples...
More informationDesigning and Implementing a Server 2012 Infrastructure
Designing and Implementing a Server 2012 Infrastructure Course 20413C 5 Days Instructor-led, Hands-on Introduction This 5-day instructor-led course provides you with the skills and knowledge needed to
More informationCisco IOS for S/390 Architecture
CHAPTER 1 Cisco IOS for S/390 Architecture This chapter describes the architecture of Cisco IOS for S/390. It includes the following sections: Overview An overview of the architecture of Cisco IOS for
More informationIBM Systems and Technology Group
IBM Systems and Technology Group Encryption Facility for z/os Update Steven R. Hart srhart@us.ibm.com 2013 IBM Corporation Topics Encryption Facility for z/os EF OpenPGP Support X.509 vs. OpenPGP Certificates
More information"Charting the Course... MOC B Implementing a Desktop Infrastructure. Course Summary
Course Summary Description This 5-day instructor-led course provides you with the skills and knowledge needed to plan, design, and implement a Windows 8 desktop infrastructure. The course provides guidance
More informationSecuring Enterprise Extender
Securing Enterprise Extender Sam Reynolds IBM z/os Communications Server Design samr@us.ibm.com Ray Romney Cisco Systems romney@cisco.com Tony Amies William Data Systems Product Architect tony.amies@willdata.com
More informationIBM Education Assistance for z/os V2R2
IBM Education Assistance for z/os V2R2 Item: IBM HTTP Server move from Domino to Apache Element/Component: IBM HTTP Server Material current as of September 2015 Agenda Trademarks Presentation Objectives
More informationSession The Penguins Have Landed- Changes and Improvements with Linux on Z at Shelter Insurance
Session 09754 The Penguins Have Landed- Changes and Improvements with Linux on Z at Shelter Insurance Shelter Insurance 2011 Shelter Insurance Midwest - 13 states Property and Casualty Life Reinsurance
More informationQuick Start Your zsecure Suite - LAB
Quick Start Your zsecure Suite - LAB Mark S Hahn IBM Monday, August 6, 2012 Session 11687 From the Top Install the product(s) Determine which products are to be used Ensure product is not DISabled Review
More informationRA/2 RACF CLI Version 1 - Release 1
RA/2 RACF CLI Version 1 - Release 1 Copyright racfra2.com 2008 All Rights Reserved Distributed by: SEA America Inc. SEA Europe EBM Inc. Ubiquity Pty Ltd Softplex Japan racfra2.com corp. TABLE OF CONTENTS
More informationDesigning Windows Server 2008 Network and Applications Infrastructure
Designing Windows Server 2008 Network and Applications Infrastructure Course No. 6435B - 5 Days Instructor-led, Hands-on Introduction This five-day course will provide students with an understanding of
More informationInfoprint Server Update for z/os 2.2
Infoprint Server Update for z/os 2.2 Howard Turetzky, EDP Advanced Technical Support Ricoh Production Print Solutions Boulder, Colorado 80301 howard.turetzky@ricoh-usa.com Agenda New function in Infoprint
More informationLab Exercise: z/osmf Incident Log Session ID: Part of 15814, 15815, and 15604
SHARE in Pittsburgh August 2014 z/osmf Incident Log Hands On Lab z/osmf Hands-On Labs - Choose Your Own I, II, III Estimated Lab Time: 15-20 minutes Greg Daynes (gdaynes@us.ibm.com) IBM Corporation August
More informationImplementing a Desktop Infrastructure
Course 20415: Implementing a Desktop Infrastructure Page 1 of 7 Implementing a Desktop Infrastructure Course 20415: 4 days; Instructor-Led Introduction This 4-day instructor-led course provides you with
More informationEnterprise Computing Hands On! (ECHO!)
Enterprise Computing Conference June, 2015 Enterprise Computing Hands On! (ECHO!) Angelo F. Corridori Director of Enterprise Computing Education Marist College Agenda Background Why an ibook? ECHO! ibook
More informationImplementing an Advanced Server Infrastructure
Implementing an Advanced Server Infrastructure Course 20414C 5 Days Instructor-led, Hands-on Introduction Get hands-on instruction and practice planning, designing and deploying a physical and logical
More informationConfigure & Troubleshoot Windows Server 2008 R2 Application Infrastructure
Configure & Troubleshoot Windows Server 2008 R2 Application Infrastructure Course 6439A - Five days - Instructor-led - Hands-on Introduction This course introduces students to a series of Windows Server
More informationNA120 Network Automation 10.x Essentials
Course Data Sheet NA120 Network Automation 10.x Essentials Course No.: NA120-101 Category/Sub Category: Operations Management/Network Management Center For software version(s): 9.0 10.1 Software version
More informationIBM. JES2 Delivery Services. z/os. Version 2 Release 3
z/os IBM JES2 Email Delivery Services Version 2 Release 3 Note Before using this information and the product it supports, read the information in Notices on page 31. This edition applies to Version 2 Release
More information"Charting the Course... Constructing CA-OPS/MVS Applications Course Summary
Course Summary Description This course is designed for the attendee who understands REXX and is ready to take the next step toward developing CA-OPS/MVS applications. The course will show you how to construct,
More informationCisco SSL Encryption Utility
About SSL Encryption Utility, page 1 About SSL Encryption Utility Unified ICM web servers are configured for secure access (HTTPS) using SSL. Cisco provides an application called the SSL Encryption Utility
More informationKerberos. Pehr Söderman Natsak08/DD2495 CSC KTH 2008
Kerberos Pehr Söderman Pehrs@kth.se Natsak08/DD2495 CSC KTH 2008 Project Athena Started 1983 at MIT 10 000 workstations 1000 servers Unified enviroment Any user, any workstation, any server, anywhere...
More informationDeploying Cisco ASA VPN Solutions v2.0 (VPN)
Deploying Cisco ASA VPN Solutions v2.0 (VPN) Course Overview: The Deploying Cisco ASA VPN Solutions (VPN) v2.0 course is part of the curriculum path that leads to the Cisco CCNP Security certification.
More informationCourse 20416B: Implementing Desktop Application Environments Page 1 of 7
Course 20416B: Implementing Desktop Application Environments Page 1 of 7 Implementing Desktop Application Environments Course 20416B: 4 days; Instructor-Led Introduction In this four-day course, build
More information3. In the upper left hand corner, click the Barracuda logo ( ) then click Settings 4. Select the check box for SPoE as default.
Week 1 Lab Lab 1: Connect to the Barracuda network. 1. Download the Barracuda NG Firewall Admin 5.4 2. Launch NG Admin 3. In the upper left hand corner, click the Barracuda logo ( ) then click Settings
More informationMETHODOLOGY This program will be conducted with interactive lectures, PowerPoint presentations, discussions and practical exercises.
CENTER OF KNOWLEDGE, PATH TO SUCCESS Website: IDENTITY WITH WINDOWS SERVER 2016 Course 20742: 5 days; Instructor-Led INTRODUCTION This five-day instructor-led course teaches IT Pros how to deploy and configure
More informationIBM System z Fast Track
IBM System z Fast Track Duration: 10 Days Course Code: ESZ0G Overview: This 10 day course is intended to give IT professionals a well rounded introduction to the System z environment, current servers,
More information